Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,323 vulnerabilities with CWE-862

CVE-2025-11894 MEDIUM

Shelf Planner <2.7.0 - Info Disclosure

CVE-2025-42899 MEDIUM

SAP S4CORE (Manage Journal Entries) - Authenticated Privilege Escalation

CVE-2025-42882 MEDIUM

SAP NetWeaver Application Server for ABAP - Info Disclosure

CVE-2025-48878 MEDIUM

Combodo iTop <3.2.2 - Path Traversal

CVE-2025-64684 MEDIUM

JetBrains YouTrack < 2025.3.104432 - Information Disclosure via Feedback Form

CVE-2025-64681 LOW

JetBrains Hub < 2025.3.104992 - Missing Authorization via Invitation Race Condition

CVE-2025-12925 HIGH

rymcu forest < 2025-09-04 - Missing Authorization in UserDicController

CVE-2025-12924 MEDIUM

rymcu forest < 2025-09-07 - Missing Authorization in BankController GlobalResult

CVE-2025-11448 MEDIUM

Envira Photo Gallery <1.11.0 - Info Disclosure

CVE-2025-12498 MEDIUM

EventPrime - Events Calendar - Privilege Escalation

CVE-2025-7663 MEDIUM

Ovatheme Events Manager <1.8.6 - Auth Bypass

CVE-2025-12167 MEDIUM

Contact Form 7 AWeber Extension <0.1.42 - Info Disclosure

CVE-2025-12042 MEDIUM

Course Booking System plugin <6.1.5 - Info Disclosure

CVE-2025-12583 MEDIUM

Simple Downloads List <1.4.3 - Info Disclosure

CVE-2025-12527 MEDIUM

Page & Post Notes <1.3.4 - Privilege Escalation

CVE-2025-4522 MEDIUM

IDonate 2.0.0-2.1.9 Authenticated Arbitrary User Deletion via admin_post_donor_delete()

CVE-2025-64323 MEDIUM

kgateway <= 2.0.4 and 2.1.0-agw-cel-rbac-2.1.0-rc.2 - Unauthenticated Sensitive Data Exposure via xDS Port

CVE-2025-5483 HIGH

LC Wizard <1.3.0 - Privilege Escalation

CVE-2025-64179 MEDIUM

lakeFS < 1.71.0 - Unauthenticated Exposure of Sensitive Information via Usage Report Endpoint

CVE-2025-62914 MEDIUM

Effect Maker <= 1.2.1 - Missing Authorization

CVE-2025-62049 MEDIUM

Stylemix Cost Calculator Builder <3.5.32 - Info Disclosure

CVE-2025-62046 MEDIUM

CodexThemes TheGem Demo Import - Info Disclosure

CVE-2025-62037 MEDIUM

uxper Togo <1.0.4 - Info Disclosure

CVE-2025-62033 MEDIUM

Togo < 1.0.4 - Missing Authorization

CVE-2025-62028 MEDIUM

ThemeNectar Salient - Info Disclosure

Previous Page 95 of 333 Next

Details

Vulnerabilities 8,323

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy